4

Prevention and combating CSA: a path toward a privacy consensus
Legal opinion commissioned by DOT Europe. This opinion presents the views of the authors and does not necessarily represent the position of DOT Europe or of its members. Co-authored with Jan Bednarski and Michał Czarnuch from the Rymarz Zdort Maruta law firm
Proposed additional GDPR enforcement rules (LIBE Report): compatibility with the Charter of Fundamental Rights and consistency with the GDPR
This legal analysis was commissioned by the Computer & Communications Industry Association (CCIA Europe). The opinions offered herein are purely those of the author, and do not necessarily represent the views of CCIA Europe.
Schrems III: Gauging the Validity of the GDPR Adequacy Decision for the United States
The EU Court of Justice’s (CJEU) July 2020 Schrems II decision generated significant uncertainty, as well as enforcement actions in various EU countries, as it questioned the lawfulness of transferring data to the United States under the General Data Protection Regulation (GDPR)1 while relying on “standard contractual clauses.
MEV on Ethereum: A Policy Analysis
Download from SSRN In cryptocurrency markets, maximal extractable value (“MEV”) is typically defined as “excess profit that a miner [validator] can extract by adjusting execution of user transactions.” MEV extraction has slowly been gaining broader recognition, e.
Report on the UK Online Safety Bill
with Matthew Lesh The draft Online Safety Bill presents a significant threat to freedom of speech, privacy and innovation. ‘Safety’ has been prioritised over freedom. The Bill’s proponents wrongly assume it is possible to remove ‘bad’ content without negatively impacting on the ‘good’ and that platforms, not users, are responsible for ‘harms’.
Report on the definition of ‘AI’ in the EU AI Regulation
with Ben Mueller The EU’s proposed Artificial Intelligence Act (AIA) would create a risk-based framework for regulating AI, with designated “high-risk” sectors subject to a long list of rules that regulate how firms can design, train, and deploy AI systems.
Reports on the EU Digital Services Act
I continue to analyse the proposed EU Digital Services Act as it is being debated in the EU legislature. So far, I have published the following reports: ‘The Digital Services Act and Small and Medium Enterprises as users of online services’ (EPICENTER policy brief, 13 October 2021).
The Great Transatlantic Data Disruption
with Kristian Stout (Director of Innovation Policy, International Center for Law & Economics) and Michael Mandel (Vice President and Chief Economist, Progressive Policy Institute) The full text of the paper can be downloaded here.
Regulating for Cybersecurity
in Polish, with Maciej Troć The full text of the report (in Polish) can be downloaded here. This report gives on overview of the problem of cybersecurity and discusses four models of regulation aimed at improving cybersecurity relevant for Poland and the European Union.
How to Protect Consumer Privacy and Data Security in the Age of 5G?
with Fred Roeder Published in Brazilian Portuguese (Pedro Gonet Branco tr) as ‘Como proteger a privacidade do consumidor e a segurança de dados na era do 5g?’ (2019) 16 Revista dos Estudantes de Direito da Universidade de Brasília (RED|UnB)